Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Windows 11 users will now be able to protect passwords better with Enhanced Phishing Protection

2 min. read

Published onSeptember 26, 2022

published onSeptember 26, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Last week, Microsoft announced that it’s beginning to roll outthe Windows 11 2022 Updatewhich features a ton of improvements. Among them is Enhanced Phishing Protection, a tool that is designed to identify malicious sites or applications that attackers use to access login credentials. Whenever the tool detects such an instance, it automatically notifies the admin through Microsoft Defender for Endpoint.

According to a newTech Community blog postby Sinclaire Hamilton –

“Enhanced phishing protection is baked into the Windows 11 operating system and automatically detects when users type their password into any app or site. Windows understands in real-time whether that app or website has a secure connection to a trusted website; if not, Windows will let users know if they’re in danger. That means admins can know exactly when a password has been stolen and be equipped to better protect your organization. When Windows 11 protects against one phishing attack, that threat intelligence cascades to protect other Windows users interacting with other apps and sites that are experiencing the same attack as well.”

How does Enhanced Phishing Protection work? Windows will first analyze where you enter your password, then use SmartScreen to decipher the authenticity of the application or site. It then responds immediately and alerts the users that they are required to change their password immediately, this is regardless of whether they are using a Microsoft Account, Active Directory, Azure Active Directory, or local passwordSmartScreen. The tool will also notify the IT admin of the incident through the MDE portal for further investigation and mitigation of the issue.

SmartScreen identifies and protects against corporate password entry on reported phishing sites or apps connecting to phishing sites, password reuse on any app or site, and passwords typed into Notepad, Wordpad, or Microsoft 365 apps.

IT admins can control which instances end users will receive warnings for these security breaches via CSP/MDM or Group Policy. The feature is however in audit mode by default, which allows admins to assess password usage through the Defender for Endpoint portal without notifying users.

The feature is currently accessible to users who haveupgraded to Windows 11 22H2.However, for commercial customers looking to receive the Enhanced Phishing Protection alerts in the M365 Defender security portal, their license must have Microsoft 365 Defender security portal access.

Have you accessed this feature yet? Share your thoughts with us in the comment section below.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Radu Tyrsina